Zdravim
prosim o kontrolu logu. Dakujem
Logfile of random's system information tool 1.08 (written by random/random)
Run by Slavo at 2013-03-15 09:11:05
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 38 GB (58%) free of 65 GB
Total RAM: 4000 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:11:16, on 15. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Slavo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7881 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 24791136
\??\C:\Windows\system32\conhost.exe "-2014595444-128711768-216957839-4726517801380807000-1711760042-1212392984-464155488
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {0CC258C3-401F-4E17-88AC-1FA200777ABE}
C:\Windows\Explorer.EXE
ATKOSD.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4576.0.1479219921\1439315119" --supports-dual-gpus=false --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=BookmarkPrompt/Control/ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/10/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="4576.2.2097969180\1182143351" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=BookmarkPrompt/Control/ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/10/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="4576.3.1857027751\289713687" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4576.11.1846684274\1262341957" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=BookmarkPrompt/Control/ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/10/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4576.13.564730710\1276389074" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe64_ Global\UsGthrCtrlFltPipeMssGthrPipe64 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Slavo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-12-21 6326448]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-06-19 174752]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"PowerDVD12DMREngine"=C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2012-01-02 501544]
"PowerDVD12Agent"=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [2012-01-12 371256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-03-15 09:11:06 ----D---- C:\Program Files\trend micro
2013-03-15 09:11:05 ----D---- C:\rsit
2013-03-14 15:41:46 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-14 15:41:45 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-14 15:41:45 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-14 15:41:45 ----A---- C:\Windows\system32\elshyph.dll
2013-03-14 15:41:44 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 15:41:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 15:41:44 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-14 15:41:43 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-14 15:41:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 15:41:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 15:41:42 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-14 15:41:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-14 15:41:42 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-14 15:41:42 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-14 15:41:41 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-14 15:41:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 15:41:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 15:41:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 15:41:40 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-14 15:41:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-14 15:41:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 15:41:38 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-14 15:41:37 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-14 15:41:36 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 15:41:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 15:41:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 15:41:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-14 15:41:33 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-14 15:41:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-14 15:41:32 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 15:41:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-14 15:41:32 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-14 15:41:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-14 15:41:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-14 15:41:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-14 15:41:30 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-14 15:41:29 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 15:41:29 ----A---- C:\Windows\system32\msrating.dll
2013-03-14 15:41:29 ----A---- C:\Windows\system32\msls31.dll
2013-03-14 15:41:29 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 15:41:28 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 15:41:28 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 15:41:28 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-14 15:41:28 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-14 15:41:28 ----A---- C:\Windows\system32\icardie.dll
2013-03-14 15:41:28 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-14 15:41:28 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-14 15:41:27 ----A---- C:\Windows\system32\url.dll
2013-03-14 15:41:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-14 15:41:27 ----A---- C:\Windows\system32\iesetup.dll
2013-03-14 15:41:27 ----A---- C:\Windows\system32\iernonce.dll
2013-03-14 15:41:27 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-14 15:41:25 ----A---- C:\Windows\system32\wextract.exe
2013-03-14 15:41:25 ----A---- C:\Windows\system32\webcheck.dll
2013-03-14 15:41:25 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 15:41:25 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 15:41:25 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 15:41:25 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-14 15:41:25 ----A---- C:\Windows\system32\inseng.dll
2013-03-14 15:41:25 ----A---- C:\Windows\system32\iexpress.exe
2013-03-14 15:41:23 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-14 15:41:23 ----A---- C:\Windows\system32\occache.dll
2013-03-14 15:41:23 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 15:41:23 ----A---- C:\Windows\system32\mshta.exe
2013-03-14 15:41:23 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-14 15:41:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-14 15:41:23 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 15:41:23 ----A---- C:\Windows\system32\imgutil.dll
2013-03-14 15:41:23 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 15:41:23 ----A---- C:\Windows\system32\iepeers.dll
2013-03-14 15:41:22 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-14 15:41:22 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-14 15:41:22 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 15:41:22 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 15:41:22 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-14 15:41:22 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-14 15:41:21 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 15:34:04 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-03-14 15:34:04 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-03-14 15:34:04 ----A---- C:\Windows\system32\UIAnimation.dll
2013-03-14 15:34:04 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-03-14 15:33:58 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-03-14 15:33:58 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-14 15:33:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-14 15:33:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-14 15:33:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-14 15:33:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-14 15:33:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-14 15:33:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-14 15:33:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-14 15:33:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-14 15:33:54 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-03-14 15:33:54 ----A---- C:\Windows\system32\d3d10_1.dll
2013-03-14 15:33:53 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-03-14 15:33:53 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-14 15:33:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-14 15:33:52 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-03-14 15:33:52 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-03-14 15:33:52 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-03-14 15:33:52 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-03-14 15:33:52 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-03-14 15:33:52 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-03-14 15:33:52 ----A---- C:\Windows\system32\dxgi.dll
2013-03-14 15:33:52 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-14 15:33:52 ----A---- C:\Windows\system32\d3d10core.dll
2013-03-14 15:33:51 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-03-14 15:33:51 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-03-14 15:33:51 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-03-14 15:33:51 ----A---- C:\Windows\system32\d3d11.dll
2013-03-14 15:33:51 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-03-14 15:33:51 ----A---- C:\Windows\system32\d3d10.dll
2013-03-14 15:33:50 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-03-14 15:33:50 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-03-14 15:33:50 ----A---- C:\Windows\system32\XpsPrint.dll
2013-03-14 15:33:50 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-03-14 15:33:50 ----A---- C:\Windows\system32\FntCache.dll
2013-03-14 15:33:50 ----A---- C:\Windows\system32\DWrite.dll
2013-03-14 15:33:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-03-14 15:33:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-14 15:33:49 ----A---- C:\Windows\system32\d2d1.dll
2013-03-14 15:33:48 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-03-14 14:14:12 ----D---- C:\Program Files (x86)\CyberLink
2013-03-14 11:43:29 ----D---- C:\ProgramData\Protexis
2013-03-14 11:40:18 ----A---- C:\Windows\system32\drivers\regi.sys
2013-03-14 11:39:06 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-03-14 10:57:11 ----D---- C:\Users\Slavo\AppData\Roaming\ImgBurn
2013-03-14 10:28:41 ----D---- C:\Program Files (x86)\ImgBurn
2013-03-14 10:16:57 ----D---- C:\Users\Slavo\AppData\Roaming\Nero
2013-03-14 09:34:13 ----D---- C:\Program Files (x86)\Nero
2013-03-14 09:34:02 ----D---- C:\ProgramData\Nero
2013-03-14 09:29:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-03-14 09:28:17 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-03-14 09:27:17 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-03-14 09:26:16 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-03-14 09:25:12 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-03-14 09:24:08 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-03-13 22:43:00 ----D---- C:\Users\Slavo\AppData\Roaming\Media Player Classic
2013-03-13 21:43:04 ----D---- C:\MediaServer
2013-03-13 21:42:49 ----D---- C:\ProgramData\PDVD
2013-03-13 21:42:38 ----D---- C:\Users\Slavo\AppData\Roaming\CyberLink
2013-03-13 21:42:30 ----D---- C:\ProgramData\CyberLink
2013-03-13 21:38:14 ----D---- C:\ProgramData\Temp
2013-03-13 21:38:11 ----D---- C:\ProgramData\install_clap
2013-03-13 20:58:49 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2013-03-13 20:58:48 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2013-03-13 20:58:48 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2013-03-13 20:58:48 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2013-03-13 20:58:42 ----A---- C:\Windows\SYSWOW64\unrar.dll
2013-03-13 20:58:28 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2013-03-13 20:58:19 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2013-03-13 18:33:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 18:33:09 ----D---- C:\Windows\SYSWOW64\Macromed
2013-03-13 18:33:06 ----D---- C:\Windows\system32\Macromed
2013-03-13 16:27:35 ----D---- C:\Program Files\Unlocker
2013-03-13 15:17:31 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-13 09:16:30 ----D---- C:\Users\Slavo\AppData\Roaming\WinRAR
2013-03-13 07:03:54 ----D---- C:\Users\Slavo\AppData\Roaming\Mirillis
2013-03-13 07:03:54 ----D---- C:\ProgramData\Mirillis
2013-03-12 15:53:16 ----D---- C:\ProgramData\SonicFocus
2013-03-12 15:52:56 ----D---- C:\Program Files\Realtek
2013-03-12 15:52:55 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-03-12 15:52:07 ----A---- C:\Windows\system32\WavesGUILib.dll
2013-03-12 15:52:06 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-03-12 15:52:06 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-03-12 15:52:06 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-03-12 15:52:06 ----A---- C:\Windows\system32\SRSHP64.dll
2013-03-12 15:52:05 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-03-12 15:52:05 ----A---- C:\Windows\system32\SFSAPO64.dll
2013-03-12 15:52:05 ----A---- C:\Windows\system32\SFProc64.dll
2013-03-12 15:52:05 ----A---- C:\Windows\system32\SFNHK64.dll
2013-03-12 15:52:05 ----A---- C:\Windows\system32\SFHAPO64.dll
2013-03-12 15:52:05 ----A---- C:\Windows\system32\SFDAPO64.dll
2013-03-12 15:52:05 ----A---- C:\Windows\system32\SFComm64.dll
2013-03-12 15:52:05 ----A---- C:\Windows\system32\SFCOM64.dll
2013-03-12 15:52:05 ----A---- C:\Windows\system32\SFAPO64.dll
2013-03-12 15:52:04 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-03-12 15:52:04 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-03-12 15:52:04 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RtkApi64.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RTEED64A.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RTCOM64.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-03-12 15:52:03 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-03-12 15:52:02 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-03-12 15:52:00 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-03-12 15:51:59 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-03-12 15:51:59 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2013-03-12 15:51:59 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2013-03-12 15:51:58 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-03-12 15:51:58 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-03-12 15:51:58 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-03-12 15:51:56 ----A---- C:\Windows\system32\FMAPO64.dll
2013-03-12 15:51:56 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-03-12 15:51:55 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-03-12 15:51:54 ----D---- C:\Program Files (x86)\Realtek
2013-03-12 15:51:54 ----A---- C:\Windows\system32\AERTAR64.dll
2013-03-12 15:51:54 ----A---- C:\Windows\system32\AERTAC64.dll
2013-03-12 15:51:49 ----HD---- C:\Program Files (x86)\Temp
2013-03-12 15:51:48 ----A---- C:\Windows\RtlExUpd.dll
2013-03-12 15:47:59 ----A---- C:\Windows\system32\drivers\revoflt.sys
2013-03-12 15:47:54 ----D---- C:\Program Files\VS Revo Group
2013-03-12 15:45:05 ----D---- C:\Program Files (x86)\Microsoft Works
2013-03-12 15:44:48 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2013-03-12 15:44:15 ----D---- C:\Windows\PCHEALTH
2013-03-12 15:41:55 ----D---- C:\Program Files\Microsoft Office
2013-03-12 15:41:48 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-03-12 15:41:08 ----D---- C:\ProgramData\Microsoft Help
2013-03-12 15:41:08 ----D---- C:\Program Files (x86)\Microsoft Office
2013-03-12 15:40:05 ----RHD---- C:\MSOCache
2013-03-12 15:36:26 ----D---- C:\Users\Slavo\AppData\Roaming\ArcSoft
2013-03-12 15:34:06 ----D---- C:\Program Files\CCleaner
2013-03-12 15:27:05 ----D---- C:\ProgramData\ArcSoft
2013-03-12 15:26:59 ----A---- C:\Windows\system32\drivers\VirtualizerDDK.sys
2013-03-12 15:20:51 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-03-12 15:20:44 ----D---- C:\Users\Slavo\AppData\Roaming\DAEMON Tools Lite
2013-03-12 15:20:33 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-03-12 15:18:52 ----D---- C:\Program Files (x86)\Mirillis
2013-03-12 15:16:51 ----D---- C:\Program Files (x86)\WinRAR
2013-03-12 14:55:17 ----D---- C:\Program Files\Logon Screen
2013-03-12 14:51:54 ----D---- C:\Users\Slavo\AppData\Roaming\Skype
2013-03-12 14:51:24 ----RD---- C:\Program Files (x86)\Skype
2013-03-12 14:33:09 ----D---- C:\ProgramData\Skype
2013-03-12 13:36:05 ----D---- C:\Program Files (x86)\ASM104xUSB3
2013-03-12 13:30:29 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-12 12:10:32 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2013-03-12 12:10:32 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-03-12 12:10:32 ----A---- C:\Windows\system32\fsutil.exe
2013-03-12 12:10:32 ----A---- C:\Windows\system32\esent.dll
2013-03-12 12:10:32 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-03-12 12:10:32 ----A---- C:\Windows\system32\drivers\storport.sys
2013-03-12 12:10:32 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-03-12 12:10:32 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-03-12 12:10:32 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-03-12 12:10:32 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-03-12 12:10:32 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-03-12 12:10:25 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-03-12 12:10:25 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-03-12 12:10:24 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-03-12 12:10:24 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-03-12 12:10:24 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-03-12 12:10:24 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-03-12 12:10:24 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-03-12 12:10:24 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-03-12 12:10:24 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-03-12 11:58:20 ----D---- C:\Windows\SYSWOW64\Wat
2013-03-12 11:58:20 ----D---- C:\Windows\system32\Wat
2013-03-12 11:06:32 ----D---- C:\Program Files (x86)\uTorrent
2013-03-12 11:04:35 ----D---- C:\Users\Slavo\AppData\Roaming\uTorrent
2013-03-12 11:01:16 ----D---- C:\Users\Slavo\AppData\Roaming\Adobe
2013-03-12 10:59:14 ----D---- C:\ProgramData\Adobe
2013-03-12 10:59:07 ----D---- C:\Program Files (x86)\Adobe
2013-03-12 10:53:17 ----A---- C:\Windows\system32\MRT.exe
2013-03-12 10:46:25 ----A---- C:\Windows\system32\Wdfres.dll
2013-03-12 10:46:25 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-03-12 10:46:25 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-03-12 10:39:00 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-12 10:39:00 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-12 10:39:00 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-03-12 10:38:59 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-03-12 10:38:59 ----A---- C:\Windows\system32\drivers\terminpt.sys
2013-03-12 10:38:59 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-03-12 10:38:58 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-03-12 10:38:57 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-03-12 10:38:57 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-03-12 10:38:57 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-03-12 10:38:57 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-03-12 10:38:57 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-03-12 10:38:57 ----A---- C:\Windows\system32\wksprtPS.dll
2013-03-12 10:38:57 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-03-12 10:38:57 ----A---- C:\Windows\system32\tsgqec.dll
2013-03-12 10:38:57 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-03-12 10:38:57 ----A---- C:\Windows\system32\aaclient.dll
2013-03-12 10:38:56 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-03-12 10:38:56 ----A---- C:\Windows\system32\wksprt.exe
2013-03-12 10:38:56 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-03-12 10:38:56 ----A---- C:\Windows\system32\rdpudd.dll
2013-03-12 10:38:56 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-03-12 10:38:56 ----A---- C:\Windows\system32\mstsc.exe
2013-03-12 10:38:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-03-12 10:38:55 ----A---- C:\Windows\system32\rdpcorets.dll
2013-03-12 10:38:54 ----A---- C:\Windows\system32\mstscax.dll
2013-03-12 10:27:02 ----A---- C:\Windows\system32\browserchoice.exe
2013-03-12 10:15:55 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-03-12 10:15:55 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-03-12 10:15:55 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-03-12 10:15:55 ----A---- C:\Windows\system32\fontsub.dll
2013-03-12 10:15:55 ----A---- C:\Windows\system32\atmlib.dll
2013-03-12 10:15:55 ----A---- C:\Windows\system32\atmfd.dll
2013-03-12 10:15:21 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-03-12 10:15:21 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-03-12 10:15:20 ----A---- C:\Windows\system32\WUDFx.dll
2013-03-12 10:15:20 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-03-12 10:15:20 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-03-12 10:15:20 ----A---- C:\Windows\system32\WUDFHost.exe
2013-03-12 10:15:20 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-03-12 10:13:21 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-03-12 10:13:21 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-03-12 10:13:21 ----A---- C:\Windows\system32\wmi.dll
2013-03-12 10:13:21 ----A---- C:\Windows\system32\imagehlp.dll
2013-03-12 10:13:21 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-03-12 10:12:39 ----D---- C:\Program Files (x86)\Intel
2013-03-12 10:12:38 ----D---- C:\Intel
2013-03-12 10:09:11 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-03-12 10:09:11 ----A---- C:\Windows\system32\msi.dll
2013-03-12 10:09:09 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-03-12 10:09:09 ----A---- C:\Windows\system32\webio.dll
2013-03-12 10:09:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-03-12 10:09:07 ----A---- C:\Windows\system32\drivers\netio.sys
2013-03-12 10:09:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-03-12 10:08:22 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-03-12 10:08:22 ----A---- C:\Windows\system32\Wpc.dll
2013-03-12 10:08:22 ----A---- C:\Windows\system32\gameux.dll
2013-03-12 10:08:21 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-03-12 10:08:11 ----A---- C:\Windows\system32\tquery.dll
2013-03-12 10:08:10 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-03-12 10:08:10 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-03-12 10:08:10 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-03-12 10:08:10 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-03-12 10:08:10 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-03-12 10:08:10 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-03-12 10:08:10 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-03-12 10:08:10 ----A---- C:\Windows\system32\mssrch.dll
2013-03-12 10:08:10 ----A---- C:\Windows\system32\mssph.dll
2013-03-12 10:08:09 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-03-12 10:08:09 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-03-12 10:08:09 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-03-12 10:08:09 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-03-12 10:08:09 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-03-12 10:08:09 ----A---- C:\Windows\system32\mssvp.dll
2013-03-12 10:08:09 ----A---- C:\Windows\system32\mssphtb.dll
2013-03-12 10:08:09 ----A---- C:\Windows\system32\msscntrs.dll
2013-03-12 10:08:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-03-12 10:08:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-03-12 10:08:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-03-12 10:08:00 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-03-12 10:08:00 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-03-12 10:08:00 ----A---- C:\Windows\system32\wow64win.dll
2013-03-12 10:08:00 ----A---- C:\Windows\system32\KernelBase.dll
2013-03-12 10:08:00 ----A---- C:\Windows\system32\kernel32.dll
2013-03-12 10:08:00 ----A---- C:\Windows\system32\conhost.exe
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-03-12 10:07:59 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-03-12 10:07:59 ----A---- C:\Windows\system32\wow64cpu.dll
2013-03-12 10:07:59 ----A---- C:\Windows\system32\wow64.dll
2013-03-12 10:07:59 ----A---- C:\Windows\system32\ntvdm64.dll
2013-03-12 10:07:41 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-03-12 10:07:41 ----A---- C:\Windows\system32\ntshrui.dll
2013-03-12 10:07:37 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-03-12 10:07:37 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-03-12 10:07:37 ----A---- C:\Windows\system32\nlasvc.dll
2013-03-12 10:07:37 ----A---- C:\Windows\system32\netcorehc.dll
2013-03-12 10:07:37 ----A---- C:\Windows\system32\ncsi.dll
2013-03-12 10:07:37 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-03-12 10:07:36 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-03-12 10:07:36 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-03-12 10:07:36 ----A---- C:\Windows\system32\nlaapi.dll
2013-03-12 10:07:36 ----A---- C:\Windows\system32\netevent.dll
2013-03-12 10:07:36 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-03-12 10:07:23 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-03-12 10:07:23 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-03-12 10:07:23 ----A---- C:\Windows\system32\mfc42u.dll
2013-03-12 10:07:23 ----A---- C:\Windows\system32\mfc42.dll
2013-03-12 10:07:21 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-03-12 10:07:20 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-03-12 10:07:20 ----A---- C:\Windows\system32\qdvd.dll
2013-03-12 10:07:19 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-03-12 10:07:19 ----A---- C:\Windows\system32\xmllite.dll
2013-03-12 10:07:16 ----A---- C:\Windows\system32\win32k.sys
2013-03-12 10:07:15 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-03-12 10:07:15 ----A---- C:\Windows\system32\poqexec.exe
2013-03-12 10:07:13 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-03-12 10:07:13 ----A---- C:\Windows\system32\wintrust.dll
2013-03-12 10:07:11 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-03-12 10:07:11 ----A---- C:\Windows\explorer.exe
2013-03-12 10:07:09 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-03-12 10:07:09 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-03-12 10:07:07 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-03-12 10:07:07 ----A---- C:\Windows\system32\kerberos.dll
2013-03-12 10:07:01 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-03-12 10:07:01 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-03-12 10:07:01 ----A---- C:\Windows\system32\msxml6.dll
2013-03-12 10:07:01 ----A---- C:\Windows\system32\msxml3.dll
2013-03-12 10:07:00 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-03-12 10:07:00 ----A---- C:\Windows\system32\msxml3r.dll
2013-03-12 10:06:57 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-03-12 10:06:57 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-03-12 10:06:57 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-03-12 10:06:57 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-03-12 10:06:57 ----A---- C:\Windows\system32\dnsapi.dll
2013-03-12 10:06:56 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-03-12 10:06:56 ----A---- C:\Windows\system32\dpnet.dll
2013-03-12 10:06:55 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-03-12 10:06:55 ----A---- C:\Windows\system32\synceng.dll
2013-03-12 10:06:51 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-03-12 10:06:51 ----A---- C:\Windows\system32\oleaut32.dll
2013-03-12 10:06:51 ----A---- C:\Windows\system32\oleacc.dll
2013-03-12 10:06:50 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-03-12 10:06:49 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-03-12 10:06:48 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-03-12 10:06:47 ----A---- C:\Windows\system32\cdosys.dll
2013-03-12 10:06:41 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-03-12 10:06:41 ----A---- C:\Windows\system32\tzres.dll
2013-03-12 10:06:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-03-12 10:06:19 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-03-12 10:06:19 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-03-12 10:06:17 ----A---- C:\Windows\system32\csrsrv.dll
2013-03-12 10:06:11 ----A---- C:\Windows\system32\winsrv.dll
2013-03-12 10:06:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-03-12 10:06:10 ----A---- C:\Windows\SYSWOW64\user.exe
2013-03-12 10:06:10 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-03-12 10:06:10 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-03-12 10:06:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-03-12 10:05:55 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-03-12 10:05:55 ----A---- C:\Windows\system32\srcore.dll
2013-03-12 10:05:53 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-03-12 10:05:53 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-03-12 10:05:53 ----A---- C:\Windows\system32\drivers\srv.sys
2013-03-12 10:05:52 ----A---- C:\Windows\system32\sspisrv.dll
2013-03-12 10:05:52 ----A---- C:\Windows\system32\sspicli.dll
2013-03-12 10:05:52 ----A---- C:\Windows\system32\secur32.dll
2013-03-12 10:05:52 ----A---- C:\Windows\system32\lsass.exe
2013-03-12 10:05:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-03-12 10:05:51 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-03-12 10:05:51 ----A---- C:\Windows\system32\CPFilters.dll
2013-03-12 10:05:50 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-03-12 10:05:50 ----A---- C:\Windows\system32\sbe.dll
2013-03-12 10:05:47 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-03-12 10:05:45 ----A---- C:\Windows\system32\shell32.dll
2013-03-12 10:05:44 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-03-12 10:05:42 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-03-12 10:05:40 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-03-12 10:05:40 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-03-12 10:05:40 ----A---- C:\Windows\system32\schannel.dll
2013-03-12 10:05:40 ----A---- C:\Windows\system32\lsasrv.dll
2013-03-12 10:05:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-03-12 10:05:40 ----A---- C:\Windows\system32\drivers\cng.sys
2013-03-12 10:05:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-03-12 10:05:38 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-03-12 10:05:38 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-03-12 10:05:37 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-03-12 10:05:37 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-03-12 10:05:37 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-03-12 10:05:36 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-03-12 10:05:36 ----A---- C:\Windows\system32\EncDec.dll
2013-03-12 10:05:34 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-03-12 10:05:34 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-03-12 10:05:34 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-03-12 10:05:34 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-03-12 10:05:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-03-12 10:05:30 ----A---- C:\Windows\system32\ncrypt.dll
2013-03-12 10:05:29 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-03-12 10:05:29 ----A---- C:\Windows\system32\msvcrt.dll
2013-03-12 10:05:27 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-03-12 10:05:27 ----A---- C:\Windows\system32\usp10.dll
2013-03-12 10:05:26 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-03-12 10:05:26 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-03-12 10:05:26 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-03-12 10:05:26 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-03-12 10:05:26 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-03-12 10:05:26 ----A---- C:\Windows\system32\odbctrac.dll
2013-03-12 10:05:26 ----A---- C:\Windows\system32\odbccu32.dll
2013-03-12 10:05:26 ----A---- C:\Windows\system32\odbccr32.dll
2013-03-12 10:05:26 ----A---- C:\Windows\system32\odbccp32.dll
2013-03-12 10:05:25 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2013-03-12 10:05:25 ----A---- C:\Windows\system32\prevhost.exe
2013-03-12 10:05:24 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-03-12 10:05:24 ----A---- C:\Windows\system32\psisdecd.dll
2013-03-12 10:05:23 ----A---- C:\Windows\system32\winresume.exe
2013-03-12 10:05:23 ----A---- C:\Windows\system32\winload.exe
2013-03-12 10:05:23 ----A---- C:\Windows\system32\kdusb.dll
2013-03-12 10:05:23 ----A---- C:\Windows\system32\kdcom.dll
2013-03-12 10:05:23 ----A---- C:\Windows\system32\kd1394.dll
2013-03-12 10:05:22 ----A---- C:\Windows\system32\drivers\afd.sys
2013-03-12 10:05:20 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-03-12 10:05:20 ----A---- C:\Windows\system32\ntdll.dll
2013-03-12 10:05:20 ----A---- C:\Windows\system32\localspl.dll
2013-03-12 10:05:19 ----A---- C:\Windows\system32\taskhost.exe
2013-03-12 10:05:18 ----A---- C:\Windows\system32\profsvc.dll
2013-03-12 10:05:18 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-03-12 10:05:17 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-03-12 10:05:17 ----A---- C:\Windows\system32\win32spl.dll
2013-03-12 10:05:16 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-03-12 10:05:16 ----A---- C:\Windows\system32\inetcomm.dll
2013-03-12 10:05:15 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-03-12 10:05:15 ----A---- C:\Windows\system32\quartz.dll
2013-03-12 10:05:13 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-03-12 10:05:12 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-03-12 10:05:12 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-03-12 10:05:12 ----A---- C:\Windows\system32\netapi32.dll
2013-03-12 10:05:12 ----A---- C:\Windows\system32\browser.dll
2013-03-12 10:05:12 ----A---- C:\Windows\system32\browcli.dll
2013-03-12 10:05:11 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-03-12 10:05:11 ----A---- C:\Windows\system32\rdpwsx.dll
2013-03-12 10:05:11 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-03-12 10:05:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-03-12 10:00:35 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-03-12 10:00:35 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-03-12 10:00:35 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-03-12 10:00:35 ----A---- C:\Windows\system32\cryptsvc.dll
2013-03-12 10:00:35 ----A---- C:\Windows\system32\cryptnet.dll
2013-03-12 10:00:35 ----A---- C:\Windows\system32\crypt32.dll
2013-03-12 10:00:26 ----A---- C:\Windows\system32\spoolsv.exe
2013-03-12 10:00:26 ----A---- C:\Windows\splwow64.exe
2013-03-12 09:54:04 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-03-12 09:54:04 ----A---- C:\Windows\system32\packager.dll
2013-03-12 09:53:27 ----D---- C:\Program Files (x86)\Google
2013-03-12 09:43:14 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-03-12 09:43:14 ----A---- C:\Windows\system32\rdpcore.dll
2013-03-12 09:43:14 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-03-12 09:43:12 ----D---- C:\Users\Slavo\AppData\Roaming\ESET
2013-03-12 09:40:11 ----D---- C:\ProgramData\ESET
2013-03-12 09:40:10 ----D---- C:\Program Files\ESET
2013-03-12 09:36:38 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-03-12 09:33:21 ----A---- C:\Windows\system32\wups2.dll
2013-03-12 09:33:21 ----A---- C:\Windows\system32\wuauclt.exe
2013-03-12 09:33:20 ----A---- C:\Windows\system32\wucltux.dll
2013-03-12 09:33:20 ----A---- C:\Windows\system32\wuaueng.dll
2013-03-12 09:33:15 ----A---- C:\Windows\system32\wups.dll
2013-03-12 09:33:15 ----A---- C:\Windows\system32\wudriver.dll
2013-03-12 09:33:15 ----A---- C:\Windows\system32\wuapi.dll
2013-03-12 09:33:12 ----A---- C:\Windows\system32\wuwebv.dll
2013-03-12 09:33:12 ----A---- C:\Windows\system32\wuapp.exe
2013-03-12 09:31:49 ----D---- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2013-03-12 09:31:49 ----A---- C:\Windows\system32\drivers\athrx.sys
2013-03-12 09:31:49 ----A---- C:\Windows\system32\athrx.sys
2013-03-12 09:31:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-12 09:30:37 ----D---- C:\ProgramData\Qualcomm Atheros
2013-03-12 09:18:55 ----D---- C:\Program Files (x86)\ASUS
2013-03-12 09:18:33 ----SHD---- C:\Windows\Installer
2013-03-12 09:05:31 ----D---- C:\Users\Slavo\AppData\Roaming\Identities
2013-03-12 09:05:15 ----SD---- C:\Users\Slavo\AppData\Roaming\Microsoft
2013-03-12 09:05:15 ----D---- C:\Users\Slavo\AppData\Roaming\Media Center Programs
2013-03-12 09:05:06 ----SHD---- C:\Recovery
2013-03-12 09:05:04 ----D---- C:\Windows\SoftwareDistribution
2013-03-12 08:59:23 ----D---- C:\Windows\Prefetch
2013-03-12 08:58:38 ----ASH---- C:\hiberfil.sys
2013-03-12 08:58:37 ----ASH---- C:\pagefile.sys
2013-03-12 08:53:47 ----SHD---- C:\System Volume Information
2013-03-12 08:53:09 ----D---- C:\Windows\Panther
2013-03-12 08:52:57 ----RASH---- C:\BOOTSECT.BAK
2013-03-12 08:52:54 ----SHD---- C:\Boot
======List of files/folders modified in the last 1 months======
2013-03-15 09:11:12 ----D---- C:\Windows\Temp
2013-03-15 09:11:06 ----RD---- C:\Program Files
2013-03-15 04:14:37 ----D---- C:\Windows\system32\config
2013-03-15 03:58:31 ----D---- C:\Windows\rescache
2013-03-14 22:43:50 ----D---- C:\Windows\System32
2013-03-14 22:43:49 ----D---- C:\Windows\inf
2013-03-14 22:43:48 ----D---- C:\Windows\system32\DriverStore
2013-03-14 22:43:48 ----D---- C:\Windows\system32\catroot
2013-03-14 21:14:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-14 15:55:44 ----D---- C:\Windows\winsxs
2013-03-14 15:53:29 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-03-14 15:53:29 ----D---- C:\Windows\system32\sk-SK
2013-03-14 15:53:29 ----D---- C:\Program Files\Internet Explorer
2013-03-14 15:53:29 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 15:53:28 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 15:53:28 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-14 15:53:27 ----D---- C:\Windows\SysWOW64
2013-03-14 15:53:27 ----D---- C:\Windows\system32\migration
2013-03-14 15:53:27 ----D---- C:\Windows\system32\en-US
2013-03-14 15:53:27 ----D---- C:\Windows\PolicyDefinitions
2013-03-14 15:53:26 ----D---- C:\Windows\AppPatch
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\it-IT
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\el-GR
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\de-DE
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-14 15:53:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-14 15:53:23 ----D---- C:\Windows\system32\pt-PT
2013-03-14 15:53:23 ----D---- C:\Windows\system32\pt-BR
2013-03-14 15:53:23 ----D---- C:\Windows\system32\pl-PL
2013-03-14 15:53:23 ----D---- C:\Windows\system32\ko-KR
2013-03-14 15:53:23 ----D---- C:\Windows\system32\it-IT
2013-03-14 15:53:23 ----D---- C:\Windows\system32\hu-HU
2013-03-14 15:53:22 ----D---- C:\Windows\system32\zh-TW
2013-03-14 15:53:22 ----D---- C:\Windows\system32\zh-HK
2013-03-14 15:53:22 ----D---- C:\Windows\system32\zh-CN
2013-03-14 15:53:22 ----D---- C:\Windows\system32\tr-TR
2013-03-14 15:53:22 ----D---- C:\Windows\system32\sv-SE
2013-03-14 15:53:22 ----D---- C:\Windows\system32\ru-RU
2013-03-14 15:53:22 ----D---- C:\Windows\system32\nl-NL
2013-03-14 15:53:22 ----D---- C:\Windows\system32\nb-NO
2013-03-14 15:53:22 ----D---- C:\Windows\system32\ja-JP
2013-03-14 15:53:22 ----D---- C:\Windows\system32\fr-FR
2013-03-14 15:53:22 ----D---- C:\Windows\system32\fi-FI
2013-03-14 15:53:22 ----D---- C:\Windows\system32\es-ES
2013-03-14 15:53:22 ----D---- C:\Windows\system32\el-GR
2013-03-14 15:53:22 ----D---- C:\Windows\system32\de-DE
2013-03-14 15:53:22 ----D---- C:\Windows\system32\da-DK
2013-03-14 15:53:22 ----D---- C:\Windows\system32\cs-CZ
2013-03-14 15:49:22 ----D---- C:\Windows\Logs
2013-03-14 15:47:07 ----D---- C:\Windows\system32\catroot2
2013-03-14 15:39:27 ----D---- C:\Windows
2013-03-14 14:17:55 ----D---- C:\Windows\system32\Tasks
2013-03-14 14:14:12 ----RD---- C:\Program Files (x86)
2013-03-14 13:43:19 ----SD---- C:\ProgramData\Microsoft
2013-03-14 13:02:59 ----D---- C:\Program Files (x86)\Common Files
2013-03-14 12:56:34 ----D---- C:\Windows\system32\drivers
2013-03-14 12:37:00 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-14 12:00:02 ----HD---- C:\ProgramData
2013-03-14 09:50:05 ----D---- C:\Windows\Cursors
2013-03-13 20:20:06 ----D---- C:\Windows\system32\wdi
2013-03-13 18:33:13 ----D---- C:\Windows\Tasks
2013-03-13 09:23:02 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-12 20:13:50 ----D---- C:\Windows\Microsoft.NET
2013-03-12 20:13:32 ----RSD---- C:\Windows\assembly
2013-03-12 15:44:55 ----D---- C:\Program Files (x86)\MSBuild
2013-03-12 15:44:45 ----D---- C:\Windows\ShellNew
2013-03-12 15:44:24 ----RSD---- C:\Windows\Fonts
2013-03-12 15:43:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-12 15:41:36 ----A---- C:\Windows\win.ini
2013-03-12 14:56:26 ----D---- C:\Windows\system32\oobe
2013-03-12 11:58:36 ----D---- C:\Program Files\Common Files\System
2013-03-12 11:58:35 ----D---- C:\Windows\ehome
2013-03-12 11:58:34 ----D---- C:\Windows\system32\wbem
2013-03-12 11:58:34 ----D---- C:\Windows\system32\drivers\en-US
2013-03-12 11:58:33 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-12 11:58:11 ----D---- C:\Windows\system32\Boot
2013-03-12 11:57:59 ----D---- C:\Program Files\Windows Journal
2013-03-12 10:53:20 ----D---- C:\Windows\debug
2013-03-12 09:18:41 ----D---- C:\Windows\system32\restore
2013-03-12 09:13:21 ----D---- C:\Windows\system32\NDF
2013-03-12 09:12:29 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-12 09:05:28 ----SHD---- C:\$Recycle.Bin
2013-03-12 09:05:15 ----RD---- C:\Users
2013-03-12 09:01:17 ----D---- C:\Windows\system32\sysprep
2013-03-12 08:59:18 ----D---- C:\Windows\CSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-01-10 57904]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-12 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-01-10 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-01-10 59440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2013/03/14 14:18:01]; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-01-11 146928]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-01-10 190232]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2010-11-16 15672]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-22 130024]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-22 395752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-08-30 2769920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S1 ArcCtrl;ArcCtrl; C:\Windows\system32\drivers\ArcCtrl.sys []
S1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-12 116648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-12 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosim o kontrolu logu
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosim o kontrolu logu
prikladam log z OTL:
OTL logfile created on: 15. 3. 2013 11:00:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Slavo\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
3,91 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 43,53% Memory free
7,81 Gb Paging File | 5,79 Gb Available in Paging File | 74,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 63,38 Gb Total Space | 37,12 Gb Free Space | 58,57% Space Free | Partition Type: NTFS
Drive D: | 402,19 Gb Total Space | 213,63 Gb Free Space | 53,12% Space Free | Partition Type: NTFS
Computer Name: SLAVO-PC | User Name: Slavo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/15 09:59:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Slavo\Desktop\OTL.exe
PRC - [2013/03/12 11:06:32 | 001,051,984 | ---- | M] (BitTorrent Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/03/07 19:00:00 | 005,818,368 | ---- | M] (MPC-HC Team) -- C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
PRC - [2012/12/21 13:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/06/25 17:19:24 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/06/25 15:54:28 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/06/19 13:59:04 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/01/12 14:52:57 | 000,296,232 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/01/12 14:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/01/12 14:52:55 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/01/12 13:58:47 | 000,371,256 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
PRC - [2012/01/02 03:21:22 | 000,501,544 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
PRC - [2011/11/21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013/03/11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013/03/11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013/03/11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013/03/11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013/03/11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013/03/07 19:00:00 | 003,501,056 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax
MOD - [2013/03/07 19:00:00 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ff_libmad.dll
MOD - [2012/01/12 13:55:29 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd
MOD - [2012/01/02 03:21:17 | 000,374,056 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011/08/24 03:39:11 | 000,655,360 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd
MOD - [2011/08/24 03:39:11 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ctypes.pyd
MOD - [2011/08/24 03:39:11 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd
========== Services (SafeList) ==========
SRV:64bit: - [2012/12/21 13:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/13 18:33:12 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/07 13:54:40 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/12 14:52:57 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/01/12 14:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/01/12 14:52:55 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2011/11/21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/12 15:20:51 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/01/10 09:25:22 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013/01/10 09:25:22 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013/01/10 09:25:22 | 000,057,904 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013/01/10 09:25:20 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/01/10 09:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/22 15:21:46 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/22 15:21:46 | 000,130,024 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/08/30 23:42:04 | 002,769,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/16 00:24:16 | 000,015,672 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/01/11 22:57:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2013/03/14 14:18:01] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011/10/27 07:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2011/09/07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-710883518-3809816073-596470965-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 39 22 B4 FE 1E CE 01 [binary data]
IE - HKU\S-1-5-21-710883518-3809816073-596470965-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-710883518-3809816073-596470965-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-710883518-3809816073-596470965-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/03/12 09:40:27 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Disk Google = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Chrome YouTube Downloader = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.15_0\
CHR - Extension: Adblock Plus = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Assassin's Creed III = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\geadmffjboclimmeiaimcafapjaefnfn\1.3_0\
CHR - Extension: Gmail = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-710883518-3809816073-596470965-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.12.48.2 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8580432-84DD-49FE-BAB6-CB243A3E8A09}: DhcpNameServer = 217.12.48.2 208.67.222.222
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/15 09:58:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Slavo\Desktop\OTL.exe
[2013/03/15 09:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/03/15 09:11:05 | 000,000,000 | ---D | C] -- C:\rsit
[2013/03/14 15:41:46 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/14 15:41:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/14 15:41:45 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/14 15:41:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/14 15:41:43 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/14 15:41:42 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/14 15:41:42 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/14 15:41:42 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/14 15:41:42 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/14 15:41:41 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/14 15:41:40 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/14 15:41:38 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/14 15:41:38 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/14 15:41:37 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/14 15:41:37 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/14 15:41:37 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/14 15:41:37 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/14 15:41:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/14 15:41:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/14 15:41:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/14 15:41:36 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/14 15:41:33 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/14 15:41:33 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/14 15:41:33 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/14 15:41:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/14 15:41:32 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/14 15:41:32 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/14 15:41:32 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/14 15:41:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/14 15:41:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/14 15:41:31 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/14 15:41:30 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/14 15:41:29 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/14 15:41:29 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/14 15:41:28 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/14 15:41:28 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/14 15:41:28 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/14 15:41:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/14 15:41:28 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/14 15:41:28 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/14 15:41:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/14 15:41:27 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/14 15:41:27 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/14 15:41:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/14 15:41:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/14 15:41:26 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/14 15:41:25 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/14 15:41:25 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/14 15:41:25 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/14 15:41:25 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/14 15:41:25 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/14 15:41:25 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/14 15:41:25 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/14 15:41:23 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/14 15:41:23 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/14 15:41:23 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/14 15:41:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/14 15:41:23 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/14 15:41:23 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/14 15:41:23 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/14 15:41:23 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/14 15:41:22 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/14 15:41:22 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/14 15:41:22 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/14 15:41:22 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/14 15:41:22 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/14 15:41:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/14 15:41:21 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/14 15:34:04 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/03/14 15:34:04 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/03/14 15:34:04 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/03/14 15:34:04 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/03/14 15:33:58 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/03/14 15:33:58 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/03/14 15:33:54 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/03/14 15:33:54 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/14 15:33:54 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/14 15:33:54 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/14 15:33:54 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/14 15:33:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/14 15:33:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/14 15:33:54 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/14 15:33:54 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/14 15:33:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/03/14 15:33:52 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/03/14 15:33:52 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/03/14 15:33:52 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/03/14 15:33:52 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/03/14 15:33:52 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/03/14 15:33:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/14 15:33:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/14 15:33:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/14 15:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/14 15:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/14 15:33:51 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/03/14 15:33:51 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/03/14 15:33:51 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/03/14 15:33:51 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/03/14 15:33:51 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/03/14 15:33:50 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/03/14 15:33:50 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/03/14 15:33:50 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/03/14 15:33:49 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/03/14 15:33:49 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/03/14 14:23:12 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\MediaShow
[2013/03/14 14:17:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
[2013/03/14 14:14:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2013/03/14 11:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2013/03/14 11:40:18 | 000,015,672 | ---- | C] (InterVideo) -- C:\Windows\SysNative\drivers\regi.sys
[2013/03/14 11:39:06 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013/03/14 10:57:11 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\ImgBurn
[2013/03/14 10:28:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013/03/14 10:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2013/03/14 10:24:52 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Nero_AG
[2013/03/14 10:20:11 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Nero
[2013/03/14 10:16:57 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Nero
[2013/03/14 09:34:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2013/03/14 09:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013/03/14 09:29:20 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013/03/14 09:28:17 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013/03/14 09:27:17 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013/03/14 09:26:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013/03/14 09:25:12 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013/03/14 09:24:08 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013/03/13 22:43:00 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Media Player Classic
[2013/03/13 21:44:45 | 000,000,000 | ---D | C] -- C:\Users\Slavo\Documents\CyberLink
[2013/03/13 21:43:04 | 000,000,000 | ---D | C] -- C:\MediaServer
[2013/03/13 21:42:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2013/03/13 21:42:54 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\MediaServer
[2013/03/13 21:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2013/03/13 21:42:38 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\CyberLink
[2013/03/13 21:42:30 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\CyberLink
[2013/03/13 21:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/03/13 21:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013/03/13 21:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2013/03/13 20:58:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013/03/13 20:58:48 | 004,102,656 | ---- | C] (x264vfw project) -- C:\Windows\SysWow64\x264vfw.dll
[2013/03/13 20:58:42 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2013/03/13 20:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013/03/13 20:55:25 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Programs
[2013/03/13 19:07:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\Documents\ArcSoft
[2013/03/13 18:33:12 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 18:33:12 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/13 18:33:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/03/13 18:33:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/03/13 16:51:13 | 000,000,000 | ---D | C] -- C:\Users\Slavo\Documents\Thief - Deadly Shadows
[2013/03/13 16:48:41 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/03/13 16:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TDS Tweaker
[2013/03/13 16:40:02 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos
[2013/03/13 16:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
[2013/03/13 16:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2013/03/13 16:27:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/03/13 16:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/03/13 15:17:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/13 09:16:30 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\WinRAR
[2013/03/13 07:03:54 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Mirillis
[2013/03/13 07:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mirillis
[2013/03/13 07:03:53 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Mirillis
[2013/03/12 15:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2013/03/12 15:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/03/12 15:52:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/03/12 15:52:07 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/03/12 15:52:06 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/03/12 15:52:06 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/03/12 15:52:06 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/03/12 15:52:06 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/03/12 15:52:05 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013/03/12 15:52:05 | 000,180,048 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFProc64.dll
[2013/03/12 15:52:05 | 000,086,352 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFComm64.dll
[2013/03/12 15:52:05 | 000,083,792 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFSAPO64.dll
[2013/03/12 15:52:05 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFHAPO64.dll
[2013/03/12 15:52:05 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFDAPO64.dll
[2013/03/12 15:52:05 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013/03/12 15:52:05 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013/03/12 15:52:05 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013/03/12 15:52:04 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013/03/12 15:52:04 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013/03/12 15:52:04 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013/03/12 15:52:03 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013/03/12 15:52:03 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013/03/12 15:52:03 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013/03/12 15:52:03 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/03/12 15:52:03 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/03/12 15:52:03 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/03/12 15:52:03 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/03/12 15:52:03 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013/03/12 15:52:03 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/03/12 15:52:03 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/03/12 15:52:03 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2013/03/12 15:52:02 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013/03/12 15:52:02 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2013/03/12 15:52:00 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013/03/12 15:51:59 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2013/03/12 15:51:59 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/03/12 15:51:59 | 001,345,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013/03/12 15:51:58 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013/03/12 15:51:58 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013/03/12 15:51:58 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/03/12 15:51:56 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/03/12 15:51:56 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013/03/12 15:51:55 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013/03/12 15:51:55 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013/03/12 15:51:55 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013/03/12 15:51:55 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013/03/12 15:51:55 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013/03/12 15:51:55 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013/03/12 15:51:55 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013/03/12 15:51:55 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013/03/12 15:51:55 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013/03/12 15:51:54 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013/03/12 15:51:54 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013/03/12 15:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/03/12 15:51:49 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/03/12 15:51:48 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/03/12 15:51:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/03/12 15:48:04 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\VS Revo Group
[2013/03/12 15:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/03/12 15:47:59 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013/03/12 15:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/03/12 15:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/12 15:45:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013/03/12 15:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013/03/12 15:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/03/12 15:44:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/03/12 15:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/12 15:41:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/03/12 15:41:15 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Microsoft Help
[2013/03/12 15:41:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/12 15:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/03/12 15:40:05 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/03/12 15:36:26 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\ArcSoft
[2013/03/12 15:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/12 15:27:07 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\ArcSoft
[2013/03/12 15:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2013/03/12 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Downloaded Installations
[2013/03/12 15:20:51 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/03/12 15:20:44 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\DAEMON Tools Lite
[2013/03/12 15:20:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013/03/12 15:18:58 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
[2013/03/12 15:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mirillis
[2013/03/12 15:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/12 15:16:57 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/12 15:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2013/03/12 14:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logon Screen
[2013/03/12 14:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\Logon Screen
[2013/03/12 14:51:54 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Skype
[2013/03/12 14:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/12 14:51:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/12 14:51:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/03/12 14:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/03/12 13:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2013/03/12 13:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/03/12 12:10:32 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013/03/12 12:10:32 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013/03/12 12:10:32 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013/03/12 12:10:32 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2013/03/12 12:10:32 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2013/03/12 12:10:32 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2013/03/12 12:10:32 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2013/03/12 12:10:24 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/03/12 12:10:24 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/03/12 11:58:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/03/12 11:58:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/03/12 11:06:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2013/03/12 11:04:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\uTorrent
[2013/03/12 11:01:16 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Adobe
[2013/03/12 10:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/03/12 10:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/03/12 10:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/03/12 10:58:22 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Adobe
[2013/03/12 10:46:25 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/03/12 10:46:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/03/12 10:39:00 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/03/12 10:39:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/03/12 10:39:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/03/12 10:38:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/03/12 10:38:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\terminpt.sys
[2013/03/12 10:38:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/03/12 10:38:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/03/12 10:38:57 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/03/12 10:38:57 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/03/12 10:38:57 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/03/12 10:38:57 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/03/12 10:38:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/03/12 10:38:57 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/03/12 10:38:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/03/12 10:38:57 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/03/12 10:38:57 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/03/12 10:38:57 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/03/12 10:38:56 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/03/12 10:38:56 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/03/12 10:38:56 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/03/12 10:38:56 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/03/12 10:38:56 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/03/12 10:38:56 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/03/12 10:38:55 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/03/12 10:38:55 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/03/12 10:38:54 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/03/12 10:27:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/03/12 10:15:55 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/03/12 10:15:55 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/03/12 10:15:55 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/03/12 10:15:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/03/12 10:15:55 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/03/12 10:15:55 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/03/12 10:15:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/03/12 10:15:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/03/12 10:15:20 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/03/12 10:15:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/03/12 10:13:21 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/03/12 10:13:21 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/03/12 10:12:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/03/12 10:12:38 | 000,000,000 | ---D | C] -- C:\Intel
OTL logfile created on: 15. 3. 2013 11:00:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Slavo\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
3,91 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 43,53% Memory free
7,81 Gb Paging File | 5,79 Gb Available in Paging File | 74,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 63,38 Gb Total Space | 37,12 Gb Free Space | 58,57% Space Free | Partition Type: NTFS
Drive D: | 402,19 Gb Total Space | 213,63 Gb Free Space | 53,12% Space Free | Partition Type: NTFS
Computer Name: SLAVO-PC | User Name: Slavo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/15 09:59:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Slavo\Desktop\OTL.exe
PRC - [2013/03/12 11:06:32 | 001,051,984 | ---- | M] (BitTorrent Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/03/07 19:00:00 | 005,818,368 | ---- | M] (MPC-HC Team) -- C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
PRC - [2012/12/21 13:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/06/25 17:19:24 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/06/25 15:54:28 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/06/19 13:59:04 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/01/12 14:52:57 | 000,296,232 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/01/12 14:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/01/12 14:52:55 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/01/12 13:58:47 | 000,371,256 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
PRC - [2012/01/02 03:21:22 | 000,501,544 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
PRC - [2011/11/21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013/03/11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013/03/11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013/03/11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013/03/11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013/03/11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013/03/07 19:00:00 | 003,501,056 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax
MOD - [2013/03/07 19:00:00 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ff_libmad.dll
MOD - [2012/01/12 13:55:29 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd
MOD - [2012/01/02 03:21:17 | 000,374,056 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011/08/24 03:39:11 | 000,655,360 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd
MOD - [2011/08/24 03:39:11 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ctypes.pyd
MOD - [2011/08/24 03:39:11 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd
========== Services (SafeList) ==========
SRV:64bit: - [2012/12/21 13:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/13 18:33:12 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/07 13:54:40 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/12 14:52:57 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/01/12 14:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/01/12 14:52:55 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2011/11/21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/12 15:20:51 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/01/10 09:25:22 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013/01/10 09:25:22 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013/01/10 09:25:22 | 000,057,904 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013/01/10 09:25:20 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/01/10 09:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/22 15:21:46 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/22 15:21:46 | 000,130,024 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/08/30 23:42:04 | 002,769,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/16 00:24:16 | 000,015,672 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/01/11 22:57:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2013/03/14 14:18:01] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011/10/27 07:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2011/09/07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-710883518-3809816073-596470965-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 39 22 B4 FE 1E CE 01 [binary data]
IE - HKU\S-1-5-21-710883518-3809816073-596470965-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-710883518-3809816073-596470965-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-710883518-3809816073-596470965-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/03/12 09:40:27 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Disk Google = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Chrome YouTube Downloader = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.15_0\
CHR - Extension: Adblock Plus = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Assassin's Creed III = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\geadmffjboclimmeiaimcafapjaefnfn\1.3_0\
CHR - Extension: Gmail = C:\Users\Slavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-710883518-3809816073-596470965-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.12.48.2 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8580432-84DD-49FE-BAB6-CB243A3E8A09}: DhcpNameServer = 217.12.48.2 208.67.222.222
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/15 09:58:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Slavo\Desktop\OTL.exe
[2013/03/15 09:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/03/15 09:11:05 | 000,000,000 | ---D | C] -- C:\rsit
[2013/03/14 15:41:46 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/14 15:41:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/14 15:41:45 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/14 15:41:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/14 15:41:43 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/14 15:41:42 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/14 15:41:42 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/14 15:41:42 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/14 15:41:42 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/14 15:41:41 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/14 15:41:40 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/14 15:41:38 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/14 15:41:38 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/14 15:41:37 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/14 15:41:37 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/14 15:41:37 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/14 15:41:37 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/14 15:41:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/14 15:41:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/14 15:41:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/14 15:41:36 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/14 15:41:33 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/14 15:41:33 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/14 15:41:33 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/14 15:41:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/14 15:41:32 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/14 15:41:32 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/14 15:41:32 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/14 15:41:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/14 15:41:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/14 15:41:31 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/14 15:41:30 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/14 15:41:29 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/14 15:41:29 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/14 15:41:28 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/14 15:41:28 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/14 15:41:28 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/14 15:41:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/14 15:41:28 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/14 15:41:28 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/14 15:41:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/14 15:41:27 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/14 15:41:27 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/14 15:41:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/14 15:41:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/14 15:41:26 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/14 15:41:25 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/14 15:41:25 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/14 15:41:25 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/14 15:41:25 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/14 15:41:25 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/14 15:41:25 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/14 15:41:25 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/14 15:41:23 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/14 15:41:23 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/14 15:41:23 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/14 15:41:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/14 15:41:23 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/14 15:41:23 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/14 15:41:23 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/14 15:41:23 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/14 15:41:22 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/14 15:41:22 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/14 15:41:22 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/14 15:41:22 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/14 15:41:22 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/14 15:41:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/14 15:41:21 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/14 15:34:04 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/03/14 15:34:04 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/03/14 15:34:04 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/03/14 15:34:04 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/03/14 15:33:58 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/03/14 15:33:58 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/03/14 15:33:54 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/03/14 15:33:54 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/14 15:33:54 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/14 15:33:54 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/14 15:33:54 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/14 15:33:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/14 15:33:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/14 15:33:54 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/14 15:33:54 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/14 15:33:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/03/14 15:33:52 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/03/14 15:33:52 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/03/14 15:33:52 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/03/14 15:33:52 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/03/14 15:33:52 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/03/14 15:33:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/14 15:33:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/14 15:33:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/14 15:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/14 15:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/14 15:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/14 15:33:51 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/03/14 15:33:51 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/03/14 15:33:51 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/03/14 15:33:51 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/03/14 15:33:51 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/03/14 15:33:50 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/03/14 15:33:50 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/03/14 15:33:50 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/03/14 15:33:49 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/03/14 15:33:49 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/03/14 14:23:12 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\MediaShow
[2013/03/14 14:17:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
[2013/03/14 14:14:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2013/03/14 11:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2013/03/14 11:40:18 | 000,015,672 | ---- | C] (InterVideo) -- C:\Windows\SysNative\drivers\regi.sys
[2013/03/14 11:39:06 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013/03/14 10:57:11 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\ImgBurn
[2013/03/14 10:28:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013/03/14 10:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2013/03/14 10:24:52 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Nero_AG
[2013/03/14 10:20:11 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Nero
[2013/03/14 10:16:57 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Nero
[2013/03/14 09:34:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2013/03/14 09:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013/03/14 09:29:20 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013/03/14 09:28:17 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013/03/14 09:27:17 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013/03/14 09:26:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013/03/14 09:25:12 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013/03/14 09:24:08 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013/03/13 22:43:00 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Media Player Classic
[2013/03/13 21:44:45 | 000,000,000 | ---D | C] -- C:\Users\Slavo\Documents\CyberLink
[2013/03/13 21:43:04 | 000,000,000 | ---D | C] -- C:\MediaServer
[2013/03/13 21:42:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2013/03/13 21:42:54 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\MediaServer
[2013/03/13 21:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2013/03/13 21:42:38 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\CyberLink
[2013/03/13 21:42:30 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\CyberLink
[2013/03/13 21:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/03/13 21:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013/03/13 21:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2013/03/13 20:58:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013/03/13 20:58:48 | 004,102,656 | ---- | C] (x264vfw project) -- C:\Windows\SysWow64\x264vfw.dll
[2013/03/13 20:58:42 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2013/03/13 20:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013/03/13 20:55:25 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Programs
[2013/03/13 19:07:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\Documents\ArcSoft
[2013/03/13 18:33:12 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 18:33:12 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/13 18:33:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/03/13 18:33:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/03/13 16:51:13 | 000,000,000 | ---D | C] -- C:\Users\Slavo\Documents\Thief - Deadly Shadows
[2013/03/13 16:48:41 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/03/13 16:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TDS Tweaker
[2013/03/13 16:40:02 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos
[2013/03/13 16:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
[2013/03/13 16:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2013/03/13 16:27:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/03/13 16:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/03/13 15:17:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/13 09:16:30 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\WinRAR
[2013/03/13 07:03:54 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Mirillis
[2013/03/13 07:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mirillis
[2013/03/13 07:03:53 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Mirillis
[2013/03/12 15:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2013/03/12 15:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/03/12 15:52:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/03/12 15:52:07 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/03/12 15:52:06 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/03/12 15:52:06 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/03/12 15:52:06 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/03/12 15:52:06 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/03/12 15:52:05 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013/03/12 15:52:05 | 000,180,048 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFProc64.dll
[2013/03/12 15:52:05 | 000,086,352 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFComm64.dll
[2013/03/12 15:52:05 | 000,083,792 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFSAPO64.dll
[2013/03/12 15:52:05 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFHAPO64.dll
[2013/03/12 15:52:05 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFDAPO64.dll
[2013/03/12 15:52:05 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013/03/12 15:52:05 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013/03/12 15:52:05 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013/03/12 15:52:04 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013/03/12 15:52:04 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013/03/12 15:52:04 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013/03/12 15:52:03 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013/03/12 15:52:03 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013/03/12 15:52:03 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013/03/12 15:52:03 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/03/12 15:52:03 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/03/12 15:52:03 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/03/12 15:52:03 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/03/12 15:52:03 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013/03/12 15:52:03 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/03/12 15:52:03 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/03/12 15:52:03 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2013/03/12 15:52:02 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013/03/12 15:52:02 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2013/03/12 15:52:00 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013/03/12 15:51:59 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2013/03/12 15:51:59 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/03/12 15:51:59 | 001,345,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013/03/12 15:51:58 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013/03/12 15:51:58 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013/03/12 15:51:58 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/03/12 15:51:56 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/03/12 15:51:56 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013/03/12 15:51:55 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013/03/12 15:51:55 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013/03/12 15:51:55 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013/03/12 15:51:55 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013/03/12 15:51:55 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013/03/12 15:51:55 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013/03/12 15:51:55 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013/03/12 15:51:55 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013/03/12 15:51:55 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013/03/12 15:51:54 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013/03/12 15:51:54 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013/03/12 15:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/03/12 15:51:49 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/03/12 15:51:48 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/03/12 15:51:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/03/12 15:48:04 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\VS Revo Group
[2013/03/12 15:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/03/12 15:47:59 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013/03/12 15:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/03/12 15:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/12 15:45:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013/03/12 15:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013/03/12 15:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/03/12 15:44:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/03/12 15:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/12 15:41:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/03/12 15:41:15 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Microsoft Help
[2013/03/12 15:41:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/12 15:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/03/12 15:40:05 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/03/12 15:36:26 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\ArcSoft
[2013/03/12 15:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/12 15:27:07 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\ArcSoft
[2013/03/12 15:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2013/03/12 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Downloaded Installations
[2013/03/12 15:20:51 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/03/12 15:20:44 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\DAEMON Tools Lite
[2013/03/12 15:20:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013/03/12 15:18:58 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
[2013/03/12 15:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mirillis
[2013/03/12 15:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/12 15:16:57 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/12 15:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2013/03/12 14:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logon Screen
[2013/03/12 14:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\Logon Screen
[2013/03/12 14:51:54 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Skype
[2013/03/12 14:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/12 14:51:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/12 14:51:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/03/12 14:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/03/12 13:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2013/03/12 13:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/03/12 12:10:32 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013/03/12 12:10:32 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013/03/12 12:10:32 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013/03/12 12:10:32 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2013/03/12 12:10:32 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2013/03/12 12:10:32 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2013/03/12 12:10:32 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2013/03/12 12:10:24 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/03/12 12:10:24 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/03/12 11:58:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/03/12 11:58:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/03/12 11:06:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2013/03/12 11:04:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\uTorrent
[2013/03/12 11:01:16 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Adobe
[2013/03/12 10:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/03/12 10:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/03/12 10:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/03/12 10:58:22 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Adobe
[2013/03/12 10:46:25 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/03/12 10:46:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/03/12 10:39:00 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/03/12 10:39:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/03/12 10:39:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/03/12 10:38:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/03/12 10:38:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\terminpt.sys
[2013/03/12 10:38:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/03/12 10:38:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/03/12 10:38:57 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/03/12 10:38:57 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/03/12 10:38:57 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/03/12 10:38:57 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/03/12 10:38:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/03/12 10:38:57 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/03/12 10:38:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/03/12 10:38:57 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/03/12 10:38:57 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/03/12 10:38:57 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/03/12 10:38:56 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/03/12 10:38:56 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/03/12 10:38:56 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/03/12 10:38:56 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/03/12 10:38:56 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/03/12 10:38:56 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/03/12 10:38:55 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/03/12 10:38:55 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/03/12 10:38:54 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/03/12 10:27:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/03/12 10:15:55 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/03/12 10:15:55 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/03/12 10:15:55 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/03/12 10:15:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/03/12 10:15:55 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/03/12 10:15:55 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/03/12 10:15:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/03/12 10:15:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/03/12 10:15:20 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/03/12 10:15:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/03/12 10:13:21 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/03/12 10:13:21 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/03/12 10:12:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/03/12 10:12:38 | 000,000,000 | ---D | C] -- C:\Intel
Re: Prosim o kontrolu logu
druha cast 
:
[2013/03/12 10:09:11 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/03/12 10:09:09 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013/03/12 10:09:09 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013/03/12 10:09:07 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/03/12 10:09:07 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/03/12 10:08:22 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/03/12 10:08:22 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/03/12 10:08:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/03/12 10:08:22 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/03/12 10:08:22 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/03/12 10:08:22 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/03/12 10:08:22 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/03/12 10:08:22 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/03/12 10:08:22 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/03/12 10:08:22 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/03/12 10:08:22 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/03/12 10:08:22 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/03/12 10:08:22 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/03/12 10:08:22 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/03/12 10:08:22 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/03/12 10:08:22 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/03/12 10:08:22 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/03/12 10:08:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/03/12 10:08:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/03/12 10:08:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/03/12 10:08:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/03/12 10:08:22 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/03/12 10:08:22 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/03/12 10:08:21 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/03/12 10:08:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/03/12 10:08:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/03/12 10:08:21 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/03/12 10:08:21 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/03/12 10:08:21 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/03/12 10:08:21 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/03/12 10:08:21 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/03/12 10:08:21 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/03/12 10:08:11 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/03/12 10:08:10 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/03/12 10:08:10 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/03/12 10:08:10 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/03/12 10:08:10 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/03/12 10:08:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/03/12 10:08:10 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/03/12 10:08:09 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/03/12 10:08:09 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/03/12 10:08:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/03/12 10:08:09 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/03/12 10:08:09 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/03/12 10:08:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/03/12 10:08:08 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/03/12 10:08:07 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/03/12 10:08:07 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/03/12 10:08:00 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/03/12 10:08:00 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/03/12 10:08:00 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/03/12 10:08:00 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/03/12 10:07:59 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/03/12 10:07:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/03/12 10:07:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/03/12 10:07:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/03/12 10:07:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/03/12 10:07:59 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/03/12 10:07:59 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/03/12 10:07:41 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013/03/12 10:07:37 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/03/12 10:07:37 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/03/12 10:07:37 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/03/12 10:07:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/03/12 10:07:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/03/12 10:07:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/03/12 10:07:23 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013/03/12 10:07:23 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013/03/12 10:07:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/03/12 10:07:23 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/03/12 10:07:20 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/03/12 10:07:20 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/03/12 10:07:19 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013/03/12 10:07:15 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013/03/12 10:07:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013/03/12 10:07:13 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/03/12 10:07:11 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/03/12 10:07:11 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/03/12 10:07:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/03/12 10:07:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2013/03/12 10:07:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2013/03/12 10:06:57 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013/03/12 10:06:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013/03/12 10:06:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/03/12 10:06:56 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/03/12 10:06:56 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/03/12 10:06:55 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/03/12 10:06:55 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/03/12 10:06:51 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/03/12 10:06:51 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013/03/12 10:06:48 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2013/03/12 10:06:47 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2013/03/12 10:06:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/03/12 10:06:11 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/03/12 10:06:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/03/12 10:06:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/03/12 10:06:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/03/12 10:06:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/03/12 10:06:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/03/12 10:05:55 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/03/12 10:05:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/03/12 10:05:52 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/03/12 10:05:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/03/12 10:05:51 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2013/03/12 10:05:51 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2013/03/12 10:05:50 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2013/03/12 10:05:50 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013/03/12 10:05:50 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2013/03/12 10:05:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013/03/12 10:05:47 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2013/03/12 10:05:42 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/03/12 10:05:40 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/03/12 10:05:38 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/03/12 10:05:37 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013/03/12 10:05:36 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/03/12 10:05:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/03/12 10:05:34 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/03/12 10:05:34 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/03/12 10:05:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/03/12 10:05:30 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/03/12 10:05:29 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/03/12 10:05:27 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/03/12 10:05:26 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013/03/12 10:05:26 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013/03/12 10:05:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013/03/12 10:05:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/03/12 10:05:26 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/03/12 10:05:26 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013/03/12 10:05:26 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013/03/12 10:05:26 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013/03/12 10:05:26 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013/03/12 10:05:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2013/03/12 10:05:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2013/03/12 10:05:24 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/03/12 10:05:24 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/03/12 10:05:24 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/03/12 10:05:24 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/03/12 10:05:23 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/03/12 10:05:23 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/03/12 10:05:23 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/03/12 10:05:23 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/03/12 10:05:23 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013/03/12 10:05:23 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013/03/12 10:05:23 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013/03/12 10:05:20 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/03/12 10:05:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/03/12 10:05:19 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/03/12 10:05:17 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/03/12 10:05:17 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/03/12 10:05:15 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/03/12 10:05:15 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/03/12 10:05:13 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/03/12 10:05:13 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/03/12 10:05:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/03/12 10:05:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013/03/12 10:05:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013/03/12 10:05:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013/03/12 10:05:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/03/12 10:05:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013/03/12 10:05:10 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013/03/12 10:00:35 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/03/12 10:00:35 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/03/12 10:00:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013/03/12 09:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/12 09:54:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2013/03/12 09:54:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2013/03/12 09:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/03/12 09:53:24 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Google
[2013/03/12 09:52:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Deployment
[2013/03/12 09:52:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Apps
[2013/03/12 09:43:14 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013/03/12 09:43:14 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013/03/12 09:43:12 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\ESET
[2013/03/12 09:43:12 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\ESET
[2013/03/12 09:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/03/12 09:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/03/12 09:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/03/12 09:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/03/12 09:33:21 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/03/12 09:33:21 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/03/12 09:33:20 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/03/12 09:33:15 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/03/12 09:33:15 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/03/12 09:33:15 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/03/12 09:33:12 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/03/12 09:33:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/03/12 09:31:49 | 002,769,920 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2013/03/12 09:31:49 | 002,769,920 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2013/03/12 09:31:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
[2013/03/12 09:31:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/03/12 09:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2013/03/12 09:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2013/03/12 09:18:33 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/03/12 09:11:21 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Diagnostics
[2013/03/12 09:05:41 | 000,000,000 | R--D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/12 09:05:41 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Searches
[2013/03/12 09:05:41 | 000,000,000 | R--D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/12 09:05:31 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Identities
[2013/03/12 09:05:29 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Contacts
[2013/03/12 09:05:27 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\VirtualStore
[2013/03/12 09:05:15 | 000,000,000 | --SD | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Videos
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Saved Games
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Pictures
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Music
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Links
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Favorites
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Downloads
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Documents
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Desktop
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/12 09:05:15 | 000,000,000 | -H-D | C] -- C:\Users\Slavo\AppData
[2013/03/12 09:05:15 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Temp
[2013/03/12 09:05:15 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Microsoft
[2013/03/12 09:05:15 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Media Center Programs
[2013/03/12 09:05:06 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/03/12 09:05:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/12 08:59:23 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/03/12 08:53:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/03/12 08:53:09 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/03/12 08:52:54 | 000,000,000 | -HSD | C] -- C:\Boot
========== Files - Modified Within 30 Days ==========
[2013/03/15 10:58:03 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/15 10:36:24 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/15 10:05:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/03/15 09:59:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Slavo\Desktop\OTL.exe
[2013/03/15 09:58:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/15 09:10:29 | 000,832,273 | ---- | M] () -- C:\Users\Slavo\Desktop\RSITx64.exe
[2013/03/14 21:14:10 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/14 21:14:10 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/14 21:14:10 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/14 19:50:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/14 16:00:42 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 16:00:42 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 15:54:26 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/14 15:41:46 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/14 15:41:45 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/14 15:41:45 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/14 15:41:45 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/14 15:41:43 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/14 15:41:42 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/14 15:41:42 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/14 15:41:42 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/14 15:41:42 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/14 15:41:41 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/14 15:41:40 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/14 15:41:38 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/14 15:41:38 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/14 15:41:37 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/14 15:41:37 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/14 15:41:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/14 15:41:37 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/14 15:41:37 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/14 15:41:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/14 15:41:37 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/14 15:41:36 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/14 15:41:33 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/14 15:41:33 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/14 15:41:33 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/14 15:41:33 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/14 15:41:32 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/14 15:41:32 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/14 15:41:32 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/14 15:41:31 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/14 15:41:31 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/14 15:41:31 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/14 15:41:31 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/14 15:41:30 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/14 15:41:29 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/14 15:41:29 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/14 15:41:28 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/14 15:41:28 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/14 15:41:28 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/14 15:41:28 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/14 15:41:28 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/14 15:41:28 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/14 15:41:28 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/14 15:41:27 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/14 15:41:27 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/14 15:41:27 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/14 15:41:27 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/14 15:41:27 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/14 15:41:26 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/14 15:41:25 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/14 15:41:25 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/14 15:41:25 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/14 15:41:25 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/14 15:41:25 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/14 15:41:25 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/14 15:41:25 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/14 15:41:23 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/14 15:41:23 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/14 15:41:23 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/14 15:41:23 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/14 15:41:23 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/14 15:41:23 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/14 15:41:23 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/14 15:41:23 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/14 15:41:22 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/14 15:41:22 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/14 15:41:22 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/14 15:41:22 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/14 15:41:22 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/14 15:41:22 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/14 15:41:21 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/14 14:17:32 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\PowerDVD 12.lnk
[2013/03/14 11:40:41 | 000,000,040 | -H-- | M] () -- C:\Windows\SysNative\ivireg.ivr
[2013/03/14 10:28:56 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013/03/13 20:58:52 | 000,001,279 | ---- | M] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2013/03/13 18:33:12 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 18:33:12 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/13 16:35:13 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\Thief III.lnk
[2013/03/13 09:23:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/13 07:03:52 | 000,002,153 | ---- | M] () -- C:\Users\Slavo\Desktop\Splash Lite.lnk
[2013/03/12 15:56:12 | 000,418,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/12 15:48:00 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/03/12 15:34:09 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/12 15:21:35 | 000,001,956 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/03/12 15:20:51 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/03/12 14:55:49 | 000,002,432 | ---- | M] () -- C:\Windows\SysWow64\cplLogon.tsk
[2013/03/12 09:34:37 | 000,465,777 | RHS- | M] () -- C:\QBWSD
[2013/03/12 09:02:03 | 000,170,749 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/03/12 09:02:03 | 000,170,749 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/03/12 09:01:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/03/12 08:52:57 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/03/07 19:00:00 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
========== Files Created - No Company Name ==========
[2013/03/15 10:05:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/03/15 09:10:21 | 000,832,273 | ---- | C] () -- C:\Users\Slavo\Desktop\RSITx64.exe
[2013/03/14 15:41:31 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/14 15:41:27 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/14 14:17:32 | 000,002,194 | ---- | C] () -- C:\Users\Public\Desktop\PowerDVD 12.lnk
[2013/03/14 11:40:29 | 000,000,040 | -H-- | C] () -- C:\Windows\SysNative\ivireg.ivr
[2013/03/14 10:28:56 | 000,001,883 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2013/03/14 10:28:56 | 000,001,871 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013/03/13 20:58:52 | 000,001,279 | ---- | C] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2013/03/13 20:58:49 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013/03/13 20:58:48 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/03/13 20:58:48 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/03/13 20:58:42 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/03/13 20:58:28 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/03/13 18:33:13 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/13 16:35:13 | 000,000,867 | ---- | C] () -- C:\Users\Public\Desktop\Thief III.lnk
[2013/03/13 09:23:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/12 15:52:03 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013/03/12 15:48:00 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/03/12 15:34:09 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/12 15:26:59 | 000,004,096 | ---- | C] () -- C:\Windows\SysNative\drivers\VirtualizerDDK.sys
[2013/03/12 15:21:35 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/03/12 15:19:00 | 000,002,153 | ---- | C] () -- C:\Users\Slavo\Desktop\Splash Lite.lnk
[2013/03/12 14:55:18 | 000,002,432 | ---- | C] () -- C:\Windows\SysWow64\cplLogon.tsk
[2013/03/12 12:07:03 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013/03/12 10:46:28 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/03/12 10:15:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/03/12 09:53:32 | 000,000,934 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/12 09:53:31 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/12 09:34:37 | 000,465,777 | RHS- | C] () -- C:\QBWSD
[2013/03/12 09:31:49 | 000,443,274 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2013/03/12 09:31:49 | 000,068,275 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2013/03/12 09:05:43 | 000,001,419 | ---- | C] () -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/12 09:01:54 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/03/12 09:01:43 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/03/12 09:01:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/03/12 08:58:38 | 3145,826,304 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/12 08:52:57 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2013/03/12 08:52:55 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012/12/14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/03/12 15:38:49 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\DAEMON Tools Lite
[2013/03/12 09:43:12 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\ESET
[2013/03/14 10:57:11 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\ImgBurn
[2013/03/13 07:03:54 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\Mirillis
[2013/03/15 11:10:40 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\uTorrent
========== Purity Check ==========
< End of report >
:[2013/03/12 10:09:11 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/03/12 10:09:09 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013/03/12 10:09:09 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013/03/12 10:09:07 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/03/12 10:09:07 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/03/12 10:08:22 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/03/12 10:08:22 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/03/12 10:08:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/03/12 10:08:22 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/03/12 10:08:22 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/03/12 10:08:22 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/03/12 10:08:22 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/03/12 10:08:22 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/03/12 10:08:22 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/03/12 10:08:22 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/03/12 10:08:22 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/03/12 10:08:22 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/03/12 10:08:22 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/03/12 10:08:22 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/03/12 10:08:22 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/03/12 10:08:22 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/03/12 10:08:22 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/03/12 10:08:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/03/12 10:08:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/03/12 10:08:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/03/12 10:08:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/03/12 10:08:22 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/03/12 10:08:22 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/03/12 10:08:21 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/03/12 10:08:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/03/12 10:08:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/03/12 10:08:21 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/03/12 10:08:21 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/03/12 10:08:21 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/03/12 10:08:21 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/03/12 10:08:21 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/03/12 10:08:21 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/03/12 10:08:11 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/03/12 10:08:10 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/03/12 10:08:10 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/03/12 10:08:10 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/03/12 10:08:10 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/03/12 10:08:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/03/12 10:08:10 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/03/12 10:08:09 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/03/12 10:08:09 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/03/12 10:08:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/03/12 10:08:09 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/03/12 10:08:09 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/03/12 10:08:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/03/12 10:08:08 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/03/12 10:08:07 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/03/12 10:08:07 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/03/12 10:08:00 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/03/12 10:08:00 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/03/12 10:08:00 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/03/12 10:08:00 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/03/12 10:07:59 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/03/12 10:07:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/03/12 10:07:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/03/12 10:07:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/03/12 10:07:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/03/12 10:07:59 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/03/12 10:07:59 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/03/12 10:07:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/03/12 10:07:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/03/12 10:07:41 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013/03/12 10:07:37 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/03/12 10:07:37 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/03/12 10:07:37 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/03/12 10:07:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/03/12 10:07:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/03/12 10:07:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/03/12 10:07:23 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013/03/12 10:07:23 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013/03/12 10:07:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/03/12 10:07:23 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/03/12 10:07:20 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/03/12 10:07:20 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/03/12 10:07:19 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013/03/12 10:07:15 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013/03/12 10:07:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013/03/12 10:07:13 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/03/12 10:07:11 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/03/12 10:07:11 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/03/12 10:07:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/03/12 10:07:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2013/03/12 10:07:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2013/03/12 10:06:57 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013/03/12 10:06:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013/03/12 10:06:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/03/12 10:06:56 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/03/12 10:06:56 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/03/12 10:06:55 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/03/12 10:06:55 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/03/12 10:06:51 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/03/12 10:06:51 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013/03/12 10:06:48 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2013/03/12 10:06:47 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2013/03/12 10:06:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/03/12 10:06:11 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/03/12 10:06:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/03/12 10:06:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/03/12 10:06:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/03/12 10:06:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/03/12 10:06:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/03/12 10:05:55 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/03/12 10:05:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/03/12 10:05:52 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/03/12 10:05:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/03/12 10:05:51 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2013/03/12 10:05:51 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2013/03/12 10:05:50 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2013/03/12 10:05:50 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013/03/12 10:05:50 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2013/03/12 10:05:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013/03/12 10:05:47 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2013/03/12 10:05:42 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/03/12 10:05:40 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/03/12 10:05:38 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/03/12 10:05:37 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013/03/12 10:05:36 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/03/12 10:05:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/03/12 10:05:34 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/03/12 10:05:34 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/03/12 10:05:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/03/12 10:05:30 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/03/12 10:05:29 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/03/12 10:05:27 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/03/12 10:05:26 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013/03/12 10:05:26 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013/03/12 10:05:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013/03/12 10:05:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/03/12 10:05:26 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/03/12 10:05:26 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013/03/12 10:05:26 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013/03/12 10:05:26 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013/03/12 10:05:26 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013/03/12 10:05:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2013/03/12 10:05:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2013/03/12 10:05:24 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/03/12 10:05:24 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/03/12 10:05:24 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/03/12 10:05:24 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/03/12 10:05:23 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/03/12 10:05:23 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/03/12 10:05:23 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/03/12 10:05:23 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/03/12 10:05:23 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013/03/12 10:05:23 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013/03/12 10:05:23 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013/03/12 10:05:20 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/03/12 10:05:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/03/12 10:05:19 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/03/12 10:05:17 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/03/12 10:05:17 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/03/12 10:05:15 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/03/12 10:05:15 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/03/12 10:05:13 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/03/12 10:05:13 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/03/12 10:05:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/03/12 10:05:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013/03/12 10:05:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013/03/12 10:05:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013/03/12 10:05:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/03/12 10:05:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013/03/12 10:05:10 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013/03/12 10:00:35 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/03/12 10:00:35 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/03/12 10:00:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013/03/12 09:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/12 09:54:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2013/03/12 09:54:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2013/03/12 09:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/03/12 09:53:24 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Google
[2013/03/12 09:52:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Deployment
[2013/03/12 09:52:35 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Apps
[2013/03/12 09:43:14 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013/03/12 09:43:14 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013/03/12 09:43:12 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\ESET
[2013/03/12 09:43:12 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\ESET
[2013/03/12 09:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/03/12 09:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/03/12 09:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/03/12 09:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/03/12 09:33:21 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/03/12 09:33:21 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/03/12 09:33:20 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/03/12 09:33:15 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/03/12 09:33:15 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/03/12 09:33:15 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/03/12 09:33:12 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/03/12 09:33:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/03/12 09:31:49 | 002,769,920 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2013/03/12 09:31:49 | 002,769,920 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2013/03/12 09:31:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
[2013/03/12 09:31:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/03/12 09:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2013/03/12 09:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2013/03/12 09:18:33 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/03/12 09:11:21 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Diagnostics
[2013/03/12 09:05:41 | 000,000,000 | R--D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/12 09:05:41 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Searches
[2013/03/12 09:05:41 | 000,000,000 | R--D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/12 09:05:31 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Identities
[2013/03/12 09:05:29 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Contacts
[2013/03/12 09:05:27 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\VirtualStore
[2013/03/12 09:05:15 | 000,000,000 | --SD | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Videos
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Saved Games
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Pictures
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Music
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Links
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Favorites
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Downloads
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Documents
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\Desktop
[2013/03/12 09:05:15 | 000,000,000 | R--D | C] -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/12 09:05:15 | 000,000,000 | -H-D | C] -- C:\Users\Slavo\AppData
[2013/03/12 09:05:15 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Temp
[2013/03/12 09:05:15 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Local\Microsoft
[2013/03/12 09:05:15 | 000,000,000 | ---D | C] -- C:\Users\Slavo\AppData\Roaming\Media Center Programs
[2013/03/12 09:05:06 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/03/12 09:05:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/12 08:59:23 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/03/12 08:53:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/03/12 08:53:09 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/03/12 08:52:54 | 000,000,000 | -HSD | C] -- C:\Boot
========== Files - Modified Within 30 Days ==========
[2013/03/15 10:58:03 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/15 10:36:24 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/15 10:05:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/03/15 09:59:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Slavo\Desktop\OTL.exe
[2013/03/15 09:58:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/15 09:10:29 | 000,832,273 | ---- | M] () -- C:\Users\Slavo\Desktop\RSITx64.exe
[2013/03/14 21:14:10 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/14 21:14:10 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/14 21:14:10 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/14 19:50:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/14 16:00:42 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 16:00:42 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 15:54:26 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/14 15:41:46 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/14 15:41:45 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/14 15:41:45 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/14 15:41:45 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/14 15:41:43 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/14 15:41:42 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/14 15:41:42 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/14 15:41:42 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/14 15:41:42 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/14 15:41:41 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/14 15:41:40 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/14 15:41:38 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/14 15:41:38 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/14 15:41:37 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/14 15:41:37 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/14 15:41:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/14 15:41:37 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/14 15:41:37 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/14 15:41:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/14 15:41:37 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/14 15:41:36 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/14 15:41:33 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/14 15:41:33 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/14 15:41:33 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/14 15:41:33 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/14 15:41:32 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/14 15:41:32 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/14 15:41:32 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/14 15:41:31 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/14 15:41:31 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/14 15:41:31 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/14 15:41:31 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/14 15:41:30 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/14 15:41:29 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/14 15:41:29 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/14 15:41:28 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/14 15:41:28 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/14 15:41:28 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/14 15:41:28 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/14 15:41:28 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/14 15:41:28 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/14 15:41:28 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/14 15:41:27 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/14 15:41:27 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/14 15:41:27 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/14 15:41:27 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/14 15:41:27 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/14 15:41:26 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/14 15:41:25 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/14 15:41:25 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/14 15:41:25 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/14 15:41:25 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/14 15:41:25 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/14 15:41:25 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/14 15:41:25 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/14 15:41:23 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/14 15:41:23 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/14 15:41:23 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/14 15:41:23 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/14 15:41:23 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/14 15:41:23 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/14 15:41:23 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/14 15:41:23 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/14 15:41:22 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/14 15:41:22 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/14 15:41:22 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/14 15:41:22 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/14 15:41:22 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/14 15:41:22 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/14 15:41:21 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/14 14:17:32 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\PowerDVD 12.lnk
[2013/03/14 11:40:41 | 000,000,040 | -H-- | M] () -- C:\Windows\SysNative\ivireg.ivr
[2013/03/14 10:28:56 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013/03/13 20:58:52 | 000,001,279 | ---- | M] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2013/03/13 18:33:12 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 18:33:12 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/13 16:35:13 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\Thief III.lnk
[2013/03/13 09:23:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/13 07:03:52 | 000,002,153 | ---- | M] () -- C:\Users\Slavo\Desktop\Splash Lite.lnk
[2013/03/12 15:56:12 | 000,418,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/12 15:48:00 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/03/12 15:34:09 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/12 15:21:35 | 000,001,956 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/03/12 15:20:51 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/03/12 14:55:49 | 000,002,432 | ---- | M] () -- C:\Windows\SysWow64\cplLogon.tsk
[2013/03/12 09:34:37 | 000,465,777 | RHS- | M] () -- C:\QBWSD
[2013/03/12 09:02:03 | 000,170,749 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/03/12 09:02:03 | 000,170,749 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/03/12 09:01:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/03/12 08:52:57 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/03/07 19:00:00 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
========== Files Created - No Company Name ==========
[2013/03/15 10:05:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/03/15 09:10:21 | 000,832,273 | ---- | C] () -- C:\Users\Slavo\Desktop\RSITx64.exe
[2013/03/14 15:41:31 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/14 15:41:27 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/14 14:17:32 | 000,002,194 | ---- | C] () -- C:\Users\Public\Desktop\PowerDVD 12.lnk
[2013/03/14 11:40:29 | 000,000,040 | -H-- | C] () -- C:\Windows\SysNative\ivireg.ivr
[2013/03/14 10:28:56 | 000,001,883 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2013/03/14 10:28:56 | 000,001,871 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013/03/13 20:58:52 | 000,001,279 | ---- | C] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2013/03/13 20:58:49 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013/03/13 20:58:48 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/03/13 20:58:48 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/03/13 20:58:42 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/03/13 20:58:28 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/03/13 18:33:13 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/13 16:35:13 | 000,000,867 | ---- | C] () -- C:\Users\Public\Desktop\Thief III.lnk
[2013/03/13 09:23:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/12 15:52:03 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013/03/12 15:48:00 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/03/12 15:34:09 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/12 15:26:59 | 000,004,096 | ---- | C] () -- C:\Windows\SysNative\drivers\VirtualizerDDK.sys
[2013/03/12 15:21:35 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/03/12 15:19:00 | 000,002,153 | ---- | C] () -- C:\Users\Slavo\Desktop\Splash Lite.lnk
[2013/03/12 14:55:18 | 000,002,432 | ---- | C] () -- C:\Windows\SysWow64\cplLogon.tsk
[2013/03/12 12:07:03 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013/03/12 10:46:28 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/03/12 10:15:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/03/12 09:53:32 | 000,000,934 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/12 09:53:31 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/12 09:34:37 | 000,465,777 | RHS- | C] () -- C:\QBWSD
[2013/03/12 09:31:49 | 000,443,274 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2013/03/12 09:31:49 | 000,068,275 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2013/03/12 09:05:43 | 000,001,419 | ---- | C] () -- C:\Users\Slavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/12 09:01:54 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/03/12 09:01:43 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/03/12 09:01:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/03/12 08:58:38 | 3145,826,304 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/12 08:52:57 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2013/03/12 08:52:55 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012/12/14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/03/12 15:38:49 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\DAEMON Tools Lite
[2013/03/12 09:43:12 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\ESET
[2013/03/14 10:57:11 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\ImgBurn
[2013/03/13 07:03:54 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\Mirillis
[2013/03/15 11:10:40 | 000,000,000 | ---D | M] -- C:\Users\Slavo\AppData\Roaming\uTorrent
========== Purity Check ==========
< End of report >
Re: Prosim o kontrolu logu
a druhy log :
OTL Extras logfile created on: 15. 3. 2013 11:00:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Slavo\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
3,91 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 43,53% Memory free
7,81 Gb Paging File | 5,79 Gb Available in Paging File | 74,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 63,38 Gb Total Space | 37,12 Gb Free Space | 58,57% Space Free | Partition Type: NTFS
Drive D: | 402,19 Gb Total Space | 213,63 Gb Free Space | 53,12% Space Free | Partition Type: NTFS
Computer Name: SLAVO-PC | User Name: Slavo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-710883518-3809816073-596470965-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A76F0F0-5F3B-4F98-B4B8-58322576EB73}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{26289F8F-90E8-4E00-BF0B-8321D6624F26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2852D67B-184D-4B82-B974-0D3E0CD4CFC2}" = rport=138 | protocol=17 | dir=out | app=system |
"{2B330D31-1BB1-4F1C-86A5-2F98EACD7D97}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{33987D86-9E50-4CC5-81AE-31A4A5702BEC}" = lport=139 | protocol=6 | dir=in | app=system |
"{3A4673C7-F8B0-4FCC-A81C-28642BB31E54}" = lport=138 | protocol=17 | dir=in | app=system |
"{3D33CB41-9944-4A12-B23D-CD57AA1D2719}" = rport=10243 | protocol=6 | dir=out | app=system |
"{40CC8B01-6B6F-465C-8E9D-603993B296D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41AFE17C-AFBF-404C-80F6-E31C9E0BF022}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41BA70C4-D13E-4609-9401-58C3FF9584FF}" = lport=445 | protocol=6 | dir=in | app=system |
"{4A33E1F1-B33A-4AEE-9DE1-9B4BC9616C67}" = lport=137 | protocol=17 | dir=in | app=system |
"{506E2B34-D4CC-4D6A-A581-E2882F05DD9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5AB89226-56B7-4564-ADA8-95036D39A0AC}" = rport=139 | protocol=6 | dir=out | app=system |
"{7B6E7FFD-9B2C-4FE1-A8E5-43C67455BD8E}" = rport=445 | protocol=6 | dir=out | app=system |
"{883DB9E2-3F03-40F6-A769-C83C09AB45D1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{90FBB832-45FD-4DBC-8D09-A162CC5DA277}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A2C9212D-9415-49FF-A8D9-62CC89FD9BD6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D88CDF41-338A-43CA-8CF7-A334302D2A15}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB57113A-2D40-419F-A1E5-0A51907DBB65}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6520A26-F564-4ADC-BD4F-370DEAC416D2}" = rport=137 | protocol=17 | dir=out | app=system |
"{EC11B2BF-DDE3-4006-9B80-9BAE50B38443}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7FE9F40-B14D-4760-BF6D-ECFC30077700}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0238776A-9C68-4F72-8505-337F1F4A7C07}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0242DE37-ED69-4885-8B3D-B896B0354EAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{09BEFA4D-CC77-42D1-9A44-3408E1B92383}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1458D336-DEFE-491D-B945-4BAC53A3ABA0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{205CF4A2-39C6-45A6-962C-EB7DAAC6DDD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{261A43AC-D6EC-4B2E-8895-F319B8AE1749}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2DDC9315-1BB3-46CB-A33F-8EA69DD10DA0}" = protocol=6 | dir=out | app=system |
"{2E693822-D5BC-4067-A0DC-230C72D238B8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{35683537-616D-4C75-BEF3-A360463CF0D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{491079F5-9FF3-4C89-859E-B386C4B066A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4E5291F2-3D3B-4E16-BEE1-28BBC2154EC6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53B40926-F7A8-448F-AC45-E54209AD4632}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{68E25A7A-9F24-4359-AE75-83A1461865FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6ABE0F0E-C864-4FC6-8F67-0436E1EFD363}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6EF6B6F8-9D73-4066-9080-AAEF2E6C76BD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{737EFFEB-0E37-402A-9CC2-89D3349B2B31}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7AF6D2DC-52AA-4B18-9083-2FA1130BBBAC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{82B3A97B-3BCB-4CE6-8D5C-A0448C8291A4}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{89163F3E-7FA5-4157-BC2A-B2F1DACD329D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9346E86F-53E4-421B-8173-158EAE3B0CD3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9C98AF6-5273-4F1C-984B-FCB1F0FA0553}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{B27C819A-FD8F-40ED-9FE5-52B5B62FF041}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB77AEED-A304-4DEC-9FCF-BF674D21F498}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CC8B3F96-2F13-42BD-9979-23AF33FCA160}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{D59A9C11-DDFF-4E58-B0AA-D5E8C736DA30}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EFAA8820-E81B-4B07-BF4C-9E2A691D6E74}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{EFBAA661-4C09-4895-9A38-86A39CA257D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCDE5C79-0073-492E-ACB5-E300CDF1CAAB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1730D13B-7517-4321-A88B-64627CF67CDC}_is1" = Logon Screen
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.5
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{DAF15FE8-0DE2-487A-9944-B115B50E2AFF}" = ESET Smart Security
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Unlocker" = Unlocker 1.9.1-x64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}" = Splash Lite
"{6787B847-DE1D-4B75-AF7F-9F0B0FF9E59E}_is1" = Thief 3 Sneaky Upgrade version 1.1.0
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1 - Czech
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.8.0
"PROPLUS" = Microsoft Office Professional Plus 2007
"T:DS Tweaker_is1" = T:DS Tweaker v1.2
"Thief - Deadly Shadows_is1" = Thief - Deadly Shadows
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14. 3. 2013 8:39:32 | Computer Name = Slavo-PC | Source = WinMgmt | ID = 10
Description =
Error - 14. 3. 2013 8:42:00 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 8:42:01 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 10:56:23 | Computer Name = Slavo-PC | Source = WinMgmt | ID = 10
Description =
Error - 14. 3. 2013 11:02:16 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 11:02:17 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 15:14:07 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 15:14:07 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 16:14:10 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 16:14:10 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
[ System Events ]
Error - 14. 3. 2013 16:13:11 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:11 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:19 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:19 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:20 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:21 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:15:13 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:15:13 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:15:14 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:15:15 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
< End of report >
:OTL Extras logfile created on: 15. 3. 2013 11:00:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Slavo\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
3,91 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 43,53% Memory free
7,81 Gb Paging File | 5,79 Gb Available in Paging File | 74,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 63,38 Gb Total Space | 37,12 Gb Free Space | 58,57% Space Free | Partition Type: NTFS
Drive D: | 402,19 Gb Total Space | 213,63 Gb Free Space | 53,12% Space Free | Partition Type: NTFS
Computer Name: SLAVO-PC | User Name: Slavo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-710883518-3809816073-596470965-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A76F0F0-5F3B-4F98-B4B8-58322576EB73}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{26289F8F-90E8-4E00-BF0B-8321D6624F26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2852D67B-184D-4B82-B974-0D3E0CD4CFC2}" = rport=138 | protocol=17 | dir=out | app=system |
"{2B330D31-1BB1-4F1C-86A5-2F98EACD7D97}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{33987D86-9E50-4CC5-81AE-31A4A5702BEC}" = lport=139 | protocol=6 | dir=in | app=system |
"{3A4673C7-F8B0-4FCC-A81C-28642BB31E54}" = lport=138 | protocol=17 | dir=in | app=system |
"{3D33CB41-9944-4A12-B23D-CD57AA1D2719}" = rport=10243 | protocol=6 | dir=out | app=system |
"{40CC8B01-6B6F-465C-8E9D-603993B296D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41AFE17C-AFBF-404C-80F6-E31C9E0BF022}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41BA70C4-D13E-4609-9401-58C3FF9584FF}" = lport=445 | protocol=6 | dir=in | app=system |
"{4A33E1F1-B33A-4AEE-9DE1-9B4BC9616C67}" = lport=137 | protocol=17 | dir=in | app=system |
"{506E2B34-D4CC-4D6A-A581-E2882F05DD9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5AB89226-56B7-4564-ADA8-95036D39A0AC}" = rport=139 | protocol=6 | dir=out | app=system |
"{7B6E7FFD-9B2C-4FE1-A8E5-43C67455BD8E}" = rport=445 | protocol=6 | dir=out | app=system |
"{883DB9E2-3F03-40F6-A769-C83C09AB45D1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{90FBB832-45FD-4DBC-8D09-A162CC5DA277}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A2C9212D-9415-49FF-A8D9-62CC89FD9BD6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D88CDF41-338A-43CA-8CF7-A334302D2A15}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB57113A-2D40-419F-A1E5-0A51907DBB65}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6520A26-F564-4ADC-BD4F-370DEAC416D2}" = rport=137 | protocol=17 | dir=out | app=system |
"{EC11B2BF-DDE3-4006-9B80-9BAE50B38443}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7FE9F40-B14D-4760-BF6D-ECFC30077700}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0238776A-9C68-4F72-8505-337F1F4A7C07}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0242DE37-ED69-4885-8B3D-B896B0354EAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{09BEFA4D-CC77-42D1-9A44-3408E1B92383}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1458D336-DEFE-491D-B945-4BAC53A3ABA0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{205CF4A2-39C6-45A6-962C-EB7DAAC6DDD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{261A43AC-D6EC-4B2E-8895-F319B8AE1749}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2DDC9315-1BB3-46CB-A33F-8EA69DD10DA0}" = protocol=6 | dir=out | app=system |
"{2E693822-D5BC-4067-A0DC-230C72D238B8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{35683537-616D-4C75-BEF3-A360463CF0D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{491079F5-9FF3-4C89-859E-B386C4B066A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4E5291F2-3D3B-4E16-BEE1-28BBC2154EC6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53B40926-F7A8-448F-AC45-E54209AD4632}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{68E25A7A-9F24-4359-AE75-83A1461865FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6ABE0F0E-C864-4FC6-8F67-0436E1EFD363}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6EF6B6F8-9D73-4066-9080-AAEF2E6C76BD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{737EFFEB-0E37-402A-9CC2-89D3349B2B31}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7AF6D2DC-52AA-4B18-9083-2FA1130BBBAC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{82B3A97B-3BCB-4CE6-8D5C-A0448C8291A4}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{89163F3E-7FA5-4157-BC2A-B2F1DACD329D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9346E86F-53E4-421B-8173-158EAE3B0CD3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9C98AF6-5273-4F1C-984B-FCB1F0FA0553}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{B27C819A-FD8F-40ED-9FE5-52B5B62FF041}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB77AEED-A304-4DEC-9FCF-BF674D21F498}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CC8B3F96-2F13-42BD-9979-23AF33FCA160}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{D59A9C11-DDFF-4E58-B0AA-D5E8C736DA30}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EFAA8820-E81B-4B07-BF4C-9E2A691D6E74}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{EFBAA661-4C09-4895-9A38-86A39CA257D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCDE5C79-0073-492E-ACB5-E300CDF1CAAB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1730D13B-7517-4321-A88B-64627CF67CDC}_is1" = Logon Screen
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.5
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{DAF15FE8-0DE2-487A-9944-B115B50E2AFF}" = ESET Smart Security
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Unlocker" = Unlocker 1.9.1-x64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}" = Splash Lite
"{6787B847-DE1D-4B75-AF7F-9F0B0FF9E59E}_is1" = Thief 3 Sneaky Upgrade version 1.1.0
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1 - Czech
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.8.0
"PROPLUS" = Microsoft Office Professional Plus 2007
"T:DS Tweaker_is1" = T:DS Tweaker v1.2
"Thief - Deadly Shadows_is1" = Thief - Deadly Shadows
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14. 3. 2013 8:39:32 | Computer Name = Slavo-PC | Source = WinMgmt | ID = 10
Description =
Error - 14. 3. 2013 8:42:00 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 8:42:01 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 10:56:23 | Computer Name = Slavo-PC | Source = WinMgmt | ID = 10
Description =
Error - 14. 3. 2013 11:02:16 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 11:02:17 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 15:14:07 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 15:14:07 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 16:14:10 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 14. 3. 2013 16:14:10 | Computer Name = Slavo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
[ System Events ]
Error - 14. 3. 2013 16:13:11 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:11 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:19 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:19 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:20 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:13:21 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:15:13 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:15:13 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:15:14 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 14. 3. 2013 16:15:15 | Computer Name = Slavo-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
< End of report >
Re: Prosim o kontrolu logu
Ten prvni log neni zdaleka cely. Pokud se nic jineho neobjevilo, zopakujte postup, ale tentokrat v nouzovem rezimu.
13.4.2013 pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975
13.4.2013 pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?